Skip to Content.
Sympa Menu

grouper-users - [grouper-users] OpenLDAP authentication problems using LDAPPC and Grouper 1.5

Subject: Grouper Users - Open Discussion List

List archive

[grouper-users] OpenLDAP authentication problems using LDAPPC and Grouper 1.5


Chronological Thread 
  • From: Mark Cairney <>
  • To:
  • Subject: [grouper-users] OpenLDAP authentication problems using LDAPPC and Grouper 1.5
  • Date: Wed, 1 Dec 2010 11:19:53 +0000
Hi,

We're hoping to provision data from grouper into an OU in our OpenLDAP
directory. We're running OpenLDAP 2.4.23 and Grouper 1.5.

When attempting to provision data using gsh.sh we get the following error in
our grouper_error.log

2010-12-01 10:51:21,041: [main] ERROR Ldappc.run(282) - Grouper Provision
Failed
javax.naming.AuthenticationNotSupportedException: [LDAP: error code 8 -
modifications require authentication]; remaining name
'cn=APPD,ou=grouper,dc=authorise,dc=ed,dc=ac,dc=uk'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3032)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2794)
at com.sun.jndi.ldap.LdapCtx.c_createSubcontext(LdapCtx.java:788)
at
com.sun.jndi.toolkit.ctx.ComponentDirContext.p_createSubcontext(ComponentDirContext.java:319)
at
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(PartialCompositeDirContext.java:248)
at
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(PartialCompositeDirContext.java:236)
at edu.vt.middleware.ldap.AbstractLdap.create(AbstractLdap.java:945)
at edu.vt.middleware.ldap.Ldap.create(Ldap.java:632)
at
edu.internet2.middleware.ldappc.synchronize.GroupEntrySynchronizer.addGroupEntry(GroupEntrySynchronizer.java:1146)
at
edu.internet2.middleware.ldappc.synchronize.GroupEntrySynchronizer.performInclude(GroupEntrySynchronizer.java:465)
at
edu.internet2.middleware.ldappc.synchronize.GroupEntrySynchronizer.synchronize(GroupEntrySynchronizer.java:357)
at
edu.internet2.middleware.ldappc.Ldappc.provisionGroups(Ldappc.java:562)
at edu.internet2.middleware.ldappc.Ldappc.provision(Ldappc.java:375)
at edu.internet2.middleware.ldappc.Ldappc.run(Ldappc.java:252)
at edu.internet2.middleware.ldappc.Ldappc.main(Ldappc.java:207)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at
edu.internet2.middleware.grouper.app.gsh.GrouperShell.handleSpecialCase(GrouperShell.java:176)
at
edu.internet2.middleware.grouper.app.gsh.GrouperShell.main(GrouperShell.java:116)
at
edu.internet2.middleware.grouper.app.gsh.GrouperShellWrapper.main(GrouperShellWrapper.java:16)

I've increased the logging to debug but it doesn't give any more useful
information.

The error suggests an authentication issue (I can replicate the behaviour by
using the ldapmodify command with -x for simple authentication but no
credentials entered) but my ldappc.properties file looks fine:

edu.vt.middleware.ldap.ldapUrl=ldaps://alder.authorise.is.ed.ac.uk:636
edu.vt.middleware.ldap.base=dc=authorise,dc=ed,dc=ac,dc=uk
edu.vt.middleware.ldap.authtype=simple

edu.vt.middleware.ldap.serviceUser=cn=Manager,dc=authorise,dc=ed,dc=ac,dc=uk
edu.vt.middleware.ldap.serviceCredentials={SSHA}SomeRandomStuffhere
edu.vt.middleware.ldap.ssl=true
edu.vt.middleware.ldap.tls=false
# edu.vt.middleware.ldap.pagedResultsSize=100

Any ideas? Do I need to wrap any of the values in quotes?

Kind regards,

Mark



/*********************************
Mark Cairney
ITI UNIX Section
Information Services
University of Edinburgh

Tel: 0131 650 6565
Email:


*********************************/


--
The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.


Archive powered by MHonArc 2.6.16.

Top of Page